Information security is a hot topic today – it’s everywhere in the news. Data breaches, phishing attacks and online fraud are becoming more commonplace as cyber criminals grow more sophisticated. We hear daily about cyber-attacks like:
- Online Extortion
- Malware attacks
- Identity theft
- Phishing
In today’s data-rich environment, you may have the most high-tech security deployed to your
systems. But if your workforce isn’t up to speed on the dangers at hand and how each employee is crucial to combatting them, you’re neglecting your most important protection.
The best defense against the constantly evolving threat of cyber criminals is an information security initiative as part of your workforce compliance program. Your employees provide the best security, or greatest vulnerability, for the private data you are responsible for safeguarding. Every member of your workforce needs to be aligned on the goals of maintaining privacy standards and protocols to protect private information.
Information security initiatives rolled out through Complí provide training, policies, and guidance to help you avoid common IT security pitfalls encountered by end users. Our policies and training highlight how seemingly harmless actions by employees give opportunistic hackers access to sensitive organizational data and systems.
They provide employees common-sense guidelines to address issues like mobile & online security, password security, and malicious e-mails. Other topics include responsible use of the internet, social media, and other electronic communication channels.
The goal in your Information Security initiative is to educate, reinforce, and demonstrate your company’s commitment to safe data handling practices. The Compligo platform enables you to automatically schedule your training cadence all at once which helps avoid information overload on your employees while the regularity keeps the topic consistently in their mind as a recurring responsibility in their role.
Implementation Steps in this Guide
-
Edit and Distribute the Email and Electronic Communications Policy
-
Distribute the IT Security: Safeguarding Your Mobile Devices Short Training
-
Distribute the IT Security for End Users: Secure Corporate Communications and Networking Training
-
Distribute the IT Security: What You Need to Know About Phishing Short Training
-
Distribute the IT Security for End Users: Using Corporate Devices Securely Training
-
Distribute the Privacy & Information Security Training Short Training
-
Distribute the Risk Management: Workplace Safety, Security, and Privacy Training
-
Distribute the Privacy & Information Security: Some Examples from the Trenches Short Training
-
Distribute the The Internet, Social Media, and Electronic Communication Training
-
Distribute the Privacy & Information Security: The Basics Short Training
-
Distribute the Information Security – The Break-In Training Short Training
-
Distribute the Social Media - Blogger Gone Bad Short Training
-
Distribute the Using the Internet – Beware the Share Short Training
Edit and Distribute the Information Security Policy
Review and edit the policy
- Click on the Library tab
- Search for "Information Security Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Information Security Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Confidential Information Policy
Review and edit the policy
- Click on the Library tab
- Search for "Confidential Information Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Confidential Information Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Personal Information Policy
Review and edit the policy
- Click on the Library tab
- Search for "Personal Information Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Personal Information Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Social Media Policy
Review and edit the policy
- Click on the Library tab
- Search for "Social Media Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Social Media Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Website Privacy Policy
Review and edit the policy
- Click on the Library tab
- Search for "Website Privacy Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Website Privacy Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Clean Desk Policy
Review and edit the policy
- Click on the Library tab
- Search for "Clean Desk Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Clean Desk Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Secure Printing Policy
Review and edit the policy
- Click on the Library tab
- Search for "Secure Printing Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Secure Printing Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Password Policy
Review and edit the policy
- Click on the Library tab
- Search for "Password Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Password Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Remote User Policy
Review and edit the policy
- Click on the Library tab
- Search for "Remote User Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Remote User Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Edit and Distribute the Email and Electronic Communications Policy
Review and edit the policy
- Click on the Library tab
- Search for "Email and Electronic Communications Policy" and click on it
- Click on the Edit button to view the list of versions
- Click Create Draft to the right of the latest published version
- Click Edit next to the Draft version that you just created
- Make desired changes to the policy
- Click Publish to finish editing the policy
Schedule the activity for distribution
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Email and Electronic Communications Policy
- Click on Groups and assign to the appropriate groups, such as All Employees
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the IT Security Fundamentals Training
Title | Duration (Minutes) | Type | Description |
IT Security Fundamentals Training | 60 | Course | Companies that have the greatest chance of fending off IT security attacks are those that have employees who are armed with the knowledge of how to use a company's computers, network, and mobile devices with security in mind. In this course, you'll learn fundamental security concepts that apply to use as an end user, like the role you play in your company's overall IT security. This course also covers some of the most common IT security policies that apply to you as an end user, including policies for secure computer use, mobile device use, and general security policies if you work remotely. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the IT Security Fundamentals Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the IT Security: Safeguarding Your Mobile Devices Short Training
Title | Duration (Minutes) | Type | Description |
IT Security: Safeguarding Your Mobile Devices Short Training | 6 | Short | Mobile devices are a significant risk to an organization's network security. In this Compliance Expert Impact, Bill Baker explores steps companies can take to better insulate their networks from mobile intrusion. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the IT Security: Safeguarding Your Mobile Devices Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the IT Security for End Users: Secure Corporate Communications and Networking Training
Title | Duration (Minutes) | Type | Description |
IT Security for End Users: Secure Corporate Communications and Networking Training | 60 | Course | The advancement in corporate communications and social networking has opened countless opportunities and new ways for people to perform their jobs. But just as our IT communications options have advanced, so have the security threats posed by these advancements. In this course you'll learn about the common threats to corporate computers and devices that exploit vulnerabilities in our communications and networking methods such as e-mail, Internet, and social networking platforms. This course also covers best practices and techniques to mitigate security risks while conducting communications as part of your job. Finally this course covers what social engineering is, and how as an end user of corporate computers and devices you can protect yourself and your company from the intelligent ways hackers use social engineering. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the IT Security for End Users: Secure Corporate Communications and Networking Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the IT Security: What You Need to Know About Phishing Short Training
Title | Duration (Minutes) | Type | Description |
IT Security: What You Need to Know About Phishing Short Training | 5 | Short | Phishing is a fraudulent attempt to access personal financial account information or a corporate network. In this Compliance Expert Impact, Bill Baker explores common forms of phishing attempts. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the IT Security: What You Need to Know About Phishing Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the IT Security for End Users: Using Corporate Devices Securely Training
Title | Duration (Minutes) | Type | Description |
IT Security for End Users: Using Corporate Devices Securely Training | 30 | Course | Knowing how to use corporate computers and devices in a secure way helps ensure you don't jeopardize your work, your organization, or your personal security. In this course you'll learn about common threats to corporate computers, including malicious attacks, and best practices for using your computer in ways that prevent these attacks. This course also covers some of the security threats you might face when using corporate mobile devices, and techniques you can use to protect your device and yourself. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the IT Security for End Users: Using Corporate Devices Securely Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Privacy & Information Security Training Short Training
Title | Duration (Minutes) | Type | Description |
Privacy & Information Security Training Short Training | 6 | Short | Given the global nature of commerce and the prevalence of the electronic exchange of information, data security has never been a more critical business issue. This course will provide employees in global organizations with a high-level awareness of the regulatory, legal, and corporate requirements for handling and protecting personal and sensitive information. This course was developed with subject matter support provided by Gordon Dadds LLP. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Privacy & Information Security Training Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Risk Management: Workplace Safety, Security, and Privacy Training
Title | Duration (Minutes) | Type | Description |
Risk Management: Workplace Safety, Security, and Privacy Training | 60 | Course | Safeguarding employees' safety, health, workplace security, and privacy is essential for an organization's continuation and success, and is of particular concern to HR professionals. This course explains various aspects of employee safety issues, programs, health hazards, and employee assistance and wellness programs that HR professionals should be aware of. It also outlines how security risk analysis and programs can be used to avoid future emergencies. Finally, this course examines workplace privacy issues, privacy policy, and concerns of employees and employers with regard to privacy. This course helps prepare individuals for the Human Resource Certification Institute's (HRCI) PHR and SPHR certification examinations. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Risk Management: Workplace Safety, Security, and Privacy Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Privacy & Information Security: Some Examples from the Trenches Short Training
Title | Duration (Minutes) | Type | Description |
Privacy & Information Security: Some Examples from the Trenches Short Training | 5 | Short | Depending on the context, personal information may need to be protected for confidentiality. Organizations with access to this information need to understand how and when to protect privacy. In this Compliance Expert Impact, Bill Baker presents some examples from the trenches. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Privacy & Information Security: Some Examples from the Trenches Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the The Internet, Social Media, and Electronic Communication Training
Title | Duration (Minutes) | Type | Description |
The Internet, Social Media, and Electronic Communication Training | 60 | Course | Regular use of the Internet and electronic communications is a way of life for most people, as technology makes it easier to communicate with coworkers, clients, family, and friends. The near constant availability of e-mail, social and professional networking web sites, smartphones, and other tools has blurred the line between work and home to the point where our online activities at home may have an impact on our companies and employment. Most employers encourage staff to use the Internet and other electronic communication tools for business purposes, and some employers also permit a certain level of personal use in the workplace as well. For this reason, it's important to be familiar with your company's policy on Internet use and electronic communications. This course provides background information to be considered in light of your own company's policies. You will learn about some generally accepted best practices for protecting your own and your company's best interests while using e-mail, instant messaging, text messaging, as well as other Internet technologies such as social networking sites and blogs. This course was developed with subject matter support provided by Potomac Law Group, PLLC. P |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the The Internet, Social Media, and Electronic Communication Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Privacy & Information Security: The Basics Short Training
Title | Duration (Minutes) | Type | Description |
Privacy & Information Security: The Basics Short Training | 6 | Short | Given the global nature of commerce and the prevalence of the electronic exchange of information, data security has never been a more critical business issue. This course will provide employees in global organizations with a high-level awareness of the regulatory, legal, and corporate requirements for handling and protecting personal and sensitive information. This course was developed with subject matter support provided by Gordon Dadds LLP. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Privacy & Information Security: The Basics Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Privacy and Information Security Training
Title | Duration (Minutes) | Type | Description |
Privacy and Information Security Training | 25 | Course | This course will prepare you to handle private information responsibly as required by law and by your organization. It will give you an understanding of the kinds of information that are considered private and that are subject to protection under US law. It will explore the various strategies for safeguarding private information you encounter as part of your job and teach you about recognizing and reporting potential privacy breaches. In addition, it will give you an appreciation of the negative consequences of failing to adequately protect such private or confidential information. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Privacy and Information Security Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Information Security – The Break-In Training Short Training
Title | Duration (Minutes) | Type | Description |
Information Security – The Break-In Training Short Training | 6 | Short | Given the global nature of commerce and the volume of electronic information routinely exchanged every day, data security has never been a more critical business issue. This Compliance Impact dramatizes how a simple act of carelessness can cause a serious data breach. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Information Security – The Break-In Training Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Social Media - Blogger Gone Bad Short Training
Title | Duration (Minutes) | Type | Description |
Social Media - Blogger Gone Bad Short Training | 6 | Short | Using social media can be risky, especially when talking about your company or competitors. This Compliance Impact explores a situation where an employee uses social media inappropriately – in a way that is both unethical and in violation of her company's social media policy. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Social Media - Blogger Gone Bad Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Distribute the Using the Internet – Beware the Share Short Training
Title | Duration (Minutes) | Type | Description |
Using the Internet – Beware the Share Short Training | 6 | Short | While the Internet has transformed how we share information, there are potential risks associated with using it in the workplace. You need to protect your own and your company's best interests when using Internet technologies. This Compliance Impact dramatizes some situations where employees' use of the Internet poses a threat to their companies. |
- Click on the Workspaces tab
- Click on the Information Technology workspace
- Click on the Information Security initiative
- Click on the Using the Internet – Beware the Share Short Training
- Click on Groups and assign to the appropriate groups, such as All Employees.
- Click on Schedule and set an annual schedule based on the Hire Date.
- Click Save
Comments
0 comments
Please sign in to leave a comment.